AIX7-00-003100 - The AIX SSH daemon must be configured to only use FIPS 140-2 approved ciphers - Approved List | DISA STIG AIX 7.x v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
APPNET0062 - The .NET CLR must be configured to use FIPS approved encryption modules - applications | DISA STIG for Microsoft Dot Net Framework 4.0 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
APPNET0062 - The .NET CLR must be configured to use FIPS approved encryption modules. | DISA STIG for Microsoft Dot Net Framework 4.0 v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
APPNET0075 - Disable TLS RC4 cipher in .Net | DISA STIG for Microsoft Dot Net Framework 4.0 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Catalina v1.5.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
CISC-ND-000530 - The Cisco router must be configured to implement replay-resistant authentication mechanisms for network access to privileged accounts - ssh algorithm | DISA STIG Cisco IOS XE Router NDM v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CISC-ND-000530 - The Cisco router must be configured to implement replay-resistant authentication mechanisms for network access to privileged accounts - ssh algorithm | DISA STIG Cisco IOS XE Router NDM v2r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CISC-ND-000720 - The Cisco switch must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - ip http secure-server | DISA STIG Cisco IOS XE Switch NDM v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CISC-ND-001200 - The Cisco router must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions - secure-server | DISA STIG Cisco IOS XE Router NDM v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CISC-ND-001210 - The Cisco router must be configured to implement cryptographic mechanisms to protect the confidentiality of remote maintenance sessions - ssh version | DISA STIG Cisco IOS XE Router NDM v2r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
DTBF030 - Firefox must be configured to allow only TLS - security.tls.version.max | DISA STIG Mozilla Firefox Windows v5r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
DTBI014-IE11 - Turn off Encryption Support must be enabled. | DISA STIG IE 11 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
DTBI014-IE11 - Turn off Encryption Support must be enabled. | DISA STIG IE 11 v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
DTBI1100-IE11 - Allow Fallback to SSL 3.0 (Internet Explorer) must be disabled. | DISA STIG IE 11 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
DTBI1100-IE11 - Allow Fallback to SSL 3.0 (Internet Explorer) must be disabled. | DISA STIG IE 11 v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
DTOO190 - The encryption type for password protected Office 97 thru Office 2003 must be set. | DISA STIG Microsoft Office System 2013 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
DTOO321 - Encrypt document properties must be configured for OLE documents. | DISA STIG Microsoft Office System 2013 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
EX16-ED-000670 - Exchange internal Send connectors must use an authentication level. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
F5BI-LT-000033 - The BIG-IP Core implementation must be configured to use encryption services that implement NIST SP 800-52 Revision 2 compliant cryptography to protect the confidentiality of connections to virtual servers. | DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
F5BI-LT-000295 - The BIG-IP Core implementation must be configured to use NIST FIPS-validated cryptography to implement encryption services when providing encrypted traffic to virtual servers. | DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
GEN000595 - The password hashes stored on the system must have been generated using a FIPS 140-2 approved cryptographic hashing algorithm - CRYPT_ALGORITHMS_ALLOW | DISA STIG Solaris 10 X86 v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
GEN000595 - The password hashes stored on the system must have been generated using a FIPS 140-2 approved cryptographic hashing algorithm - CRYPT_ALGORITHMS_ALLOW | DISA STIG Solaris 10 X86 v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
GEN000595 - The password hashes stored on the system must have been generated using a FIPS 140-2 approved cryptographic hashing algorithm - CRYPT_DEFAULT | DISA STIG Solaris 10 SPARC v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
GEN005506 - The SSH daemon must be configured to not use Cipher-Block Chaining (CBC) ciphers. | DISA STIG Solaris 10 SPARC v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
GEN005506 - The SSH daemon must be configured to not use Cipher-Block Chaining (CBC) ciphers. | DISA STIG Solaris 10 X86 v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
GEN005510 - The SSH client must be configured to only use FIPS 140-2 approved ciphers. | DISA STIG Solaris 10 X86 v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
GEN005511 - The SSH client must be configured to not use CBC-based ciphers. | DISA STIG Solaris 10 X86 v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
GEN005512 - The SSH client must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA STIG Solaris 10 SPARC v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
GEN005512 - The SSH client must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA STIG Solaris 10 X86 v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
GEN007980 - If the system is using LDAP for authentication or account information, the system must use a TLS connection using FIPS 140-2 approved cryptographic algorithms - configured | DISA STIG Solaris 10 SPARC v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
GEN007980 - If the system is using LDAP for authentication or account information, the system must use a TLS connection using FIPS 140-2 approved cryptographic algorithms - configured | DISA STIG Solaris 10 X86 v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
GEN007980 - If the system is using LDAP for authentication or account information, the system must use a TLS connection using FIPS 140-2 approved cryptographic algorithms - servers | DISA STIG Solaris 10 SPARC v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
GEN007980 - If the system is using LDAP for authentication or account information, the system must use a TLS connection using FIPS 140-2 approved cryptographic algorithms - servers | DISA STIG Solaris 10 X86 v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
IISW-SI-000203 - A private IIS 8.5 website must only accept Secure Socket Layer connections. | DISA IIS 8.5 Site v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
IISW-SI-000204 - A public IIS 8.5 website must only accept Secure Socket Layer connections when authentication is required. | DISA IIS 8.5 Site v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
IISW-SV-000137 - The production IIS 8.5 web server must utilize SHA2 encryption for the Machine Key - Encryption Method | DISA IIS 8.5 Server v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
MD4X-00-001300 - MongoDB must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
SQL4-00-031100 - SQL Server must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations. | DISA STIG SQL Server 2014 Instance OS Audit v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
VCPG-70-000013 - VMware Postgres must use FIPS 140-2 approved Transport Layer Security (TLS) ciphers. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |